Senior Associate Vulnerability Analyst ( PCI Compliance )
Discover. A brighter future.
With us, you'll do meaningful work from Day 1. Our collaborative culture is built on three core behaviors: We Play to Win, We Get Better Every Day & We Succeed Together. And we mean it - we want you to grow and make a difference at one of the world's leading digital banking and payments companies. We value what makes you unique so that you have an opportunity to shine.
Come build your future, while being the reason millions of people find a brighter financial future with Discover.
Job Description:
At Discover, be part of a culture where diversity, teamwork and collaboration reign. Join a company that is just as employee-focused as it is on its customers and is consistently awarded for both. We're all about people, and our employees are why Discover is a great place to work. Be the reason we help millions of consumers build a brighter financial future and achieve yours along the way with a rewarding career.
As part of the Cybersecurity GRC Organization, you will be responsible for all facets of the PCI compliance assessment program. The annual assessments are required to provide assurance to business & network partners that the technologies in scope for Payment Services' card payment processing environment have been secured in accordance with current data security standards. The Senior Associate Vulnerability Analyst is responsible for coordinating or conducting cybersecurity assessments, identify any gaps and potential threats, and work with the technology teams to remediate them. This person must be a strong communicator and comfortable collaborating with all levels of management as well as the business, infrastructure, engineering, architecture, operations, and application teams. The ideal candidate will have good customer focus, a positive attitude, and excellent interpersonal, verbal and written communication skills with a strong attention to detail.
Responsibilities
- Lead cybersecurity assessments of applications and/or technologies
- Facilitate assessment meetings between external assessors, Business and Technology teams (Application Development, Infrastructure, Cybersecurity, etc.).
- Manage assessment lifecycle beginning to end. Assessment activities include pre-assessment meetings, artifact/evidence collection, assessment workflow management, cybersecurity assessment report generation and documenting risk associated with compliance issues.
- Record non-compliance as gaps and assist impacted technology teams to remediate them.
- Ensure new, in-scope applications are deployed in a compliant manner.
- Act as subject matter expert for business technology and business partners for security compliance related matters. Provide security compliance consulting services as needed.
- Maintain accurate information and support departmental reporting needs
- Responsible for assessment program maturity, ensuring assessment-related documentation and activities align with current cybersecurity standards as well as the current threat landscape.
- Contribute to the evolution of the assessment program ensuring alignment with enterprise and BT initiatives.
- Maintain PCI Information Security Auditor (ISA) certification on annual basis
Minimum Qualifications
At a minimum, here's what we need from you:
- Bachelors - Computer Science, Information Security, Business, Analytics or relate
- 2+ Years of experience in Information Security, Cybersecurity, Computer Science, Data Analytics or related
- In lieu of a degree 4+ Years - Information Security, Cybersecurity, Computer Science, Data Analytics or related
Internal applicants only: technical proficiency rating of advanced beginner on the Dreyfus cybersecurity scale
Preferred Qualifications
If we had our say, we'd also look for:
- Prior experience of security assessments of systems, applications at any level is a plus.
- Knowledge of IS Risk Frameworks and Standards (PCI-DSS, NIST 800-53, ISO 27000 series, NIST Cybersecurity Framework).
- Ability to understand and apply data security requirements, including PCI.
- Familiar with most technology infrastructure components (Unix/Linux, Windows, Middleware, Mainframe, Storage, Networking, etc.), public cloud platforms (eg:AWS) and data analytics technologies and processes (eg: Snowflake).
- Understanding of Agile development concepts and methodologies
- Have excellent communication skills and be able to articulate complicated situations in a precise and concise manner.
- Ability to manage multiple tasks simultaneously without compromising on quality.
- Strong project management skills with the ability to recognize obstacles that may derail progress and take the necessary steps to eliminate those obstacles and/or escalate appropriately.
External applicants will be required to perform a technical interview.
What are you waiting for? Apply today!
And by the way, while you're waiting to hear from us, don't forget to check out the great benefits Discover offers.
All Discover employees place our customers at the very center of our work. To deliver on our promises to our customers, each of us contribute every day to a culture that values compliance and risk management.
Application Deadline:
The application window for this position is anticipated to close on Feb-17-2024. We encourage you to apply as soon as possible. The posting may be available past this date, but it is not guaranteed.
Compensation:
The base pay for this position generally ranges between $88,500.00 to $149,300.00. Additional incentives may be provided as part of a market competitive total compensation package. Factors, such as but not limited to, geographical location, relevant experience, education, and skill level may impact the pay for this position.
Benefits:
We also offer a range of benefits and programs based on eligibility. These benefits include:
- Paid Parental Leave
- Paid Time Off
- 401(k) Plan
- Medical, Dental, Vision, & Health Savings Account
- STD, Life, LTD and AD&D
- Recognition Program
- Education Assistance
- Commuter Benefits
- Family Support Programs
- Employee Stock Purchase Plan
Learn more at MyDiscoverBenefits.com .
What are you waiting for? Apply today!
All Discover employees place our customers at the very center of our work. To deliver on our promises to our customers, each of us contribute every day to a culture that values compliance and risk management.
Discover is committed to a diverse and inclusive workplace. Discover is an equal opportunity employer and does not discriminate on the basis of race, color, religion, sex, sexual orientation, gender identity, national origin, age, disability, protected veteran status, or other legally protected status. (Know Your Rights)